Every year, for the past five years, Gemalto has published the annual findings of its global breach level index. The 2017 report states, very early on, that an increasing number of organisations are simply accepting the fact that, despite their best efforts, security breaches are unavoidable.
The headline figure for the number of records breached in 2017 is a staggering 2.6 billion. That’s almost double the 2016 number of 1.37 billion. However, the 2017 figure is skewed slightly by the massive River City Media breach, which accounted for over half of the total number of records. At 1.34 billion records, this is the single largest data breach recorded.
If we take the River City Media (RCM) breach out of the equation, the numbers are very similar over the past two years. 1,764 breaches accounted for 1.27 billion records in 2017, compared to 1,792 breaches and 1.37 billion records in 2016. With RCM back in the mix, we saw an average of just under 5,000 records lost or stolen every minute of every day in 2017.
Perhaps what’s more worrying is that the percentage of breaches where the number of compromised records was unknown has gone up, from 52.2% to 55.9%. Also, despite widespread calls for greater data security, the percentage of breaches which involved encrypted data (where the data should remain secure, even in unauthorised hands) was down from 4.2% to just 3.1%.
The year of the accidental data breach
Accidental loss, resulting from poor security practices, saw a significant increase last year, leading to renewed concerns about hosting client and payment data in the cloud. Poorly managed public cloud infrastructure security policies saw major institutions, such as Accenture, the NSA and the Pentagon, exposing vast quantities of data.
Misconfigured AWS S3 buckets were just one example of poor security practices. Inadequately secured websites and unprotected back-up systems contributed to an 800% increase in accidental data loss.
Who’s hacking who?
Of course, not all breaches were accidental. 2017 also saw an increase in the number of malicious attacks, by both inside and outside actors. The total number of malicious attacks was up slightly from 1,387 in 2016 to 1,433 last year, and identity theft remains the single largest motivator – accounting for a significant majority (69%) of breaches.
Although the breakdown of records stolen by industry shows government agencies and technology companies losing the largest number of records, the healthcare and financial services industries suffered the largest number of breaches, accounting for 40% of all incidents.
2017 also saw a renewed interest in attacks on critical infrastructure. Sophisticated email operations, such as DragonFly 2.0, have been used to attempt to gain access to energy systems in North America and Europe. If successful, unauthorised users could be in a position to commit acts of cyber-terrorism by significantly disrupting critical infrastructure systems.
What did we learn?
Although 2017 saw a small decrease in the overall number of breach incidents, the data shows that the volume of records lost per breach continues to rise. In its summary, Gemalto points to three significant trends.
Firstly, a lack of best practice when it comes to data security is resulting in the loss of millions, if not billions, of records every year. Secondly, malicious outsiders continue to pose a significant threat to data security and integrity. Finally, the number of breaches involving encrypted data is still very low.
In a world where organisations have come to accept data loss as a part of business-as-usual, it is surprising that more haven’t turned to high-assurance encryption to protect their data in the event of a breach. When prevention methods fail, protection is the only way to ensure your data remains secure in the hands of unauthorised users.
Not all encryption solutions are the same. In order to offer long-term data protection a solution must meet four key criteria. It should be a secure hardware device, dedicated 100% to network data encryption. It should offer end-to-end, authenticated encryption. It should use acknowledged, standards-based encryption algorithms. Finally, it should feature secure encryption key management, where you (and only you) have access to the keys.
If you are considering your encryption options, always look for one that has been certified by one of the international standards authorities (FIPS, Common Criteria, NATO etc.). Certification is evidence that the solution meets the exacting standards required to secure government and defence data – a standard that has been adopted by enterprises across the world for corporate data.
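The "protection when prevention fails" argument above rests on two of the four criteria: standards-based algorithms and authenticated encryption. The following Go program is an added illustration written for this page; it is not code from Gemalto, from the report, or from any encryptor product. It uses only the Go standard library's AES-256-GCM (a NIST-standardised authenticated cipher) on a constructed sample record, and checks three things a defender cares about after a breach: the key holder still reads the data, a stolen copy without the key yields nothing, and any modification in transit is detected rather than silently accepted. The record contents, the link label used as associated data and the key generated at runtime are all assumptions made for the demo.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// encryptRecord seals plaintext with AES-256-GCM under key and binds the
// associated data (aad, sent in clear) to the ciphertext.
// Output layout: nonce || ciphertext || authentication tag.
func encryptRecord(key, aad, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// decryptRecord opens a blob produced by encryptRecord. A wrong key, a
// changed nonce, ciphertext, tag or aad all make gcm.Open return an error.
func decryptRecord(key, aad, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	nonce, ct := blob[:gcm.NonceSize()], blob[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// BreachScenario records the outcome for three parties: the legitimate key
// holder, an attacker holding only a stolen copy, and an attacker who
// alters the ciphertext in transit.
type BreachScenario struct {
	OwnerReads      bool // key holder recovers the original record
	StolenCopyReads bool // copy without the key decrypts (should be false)
	TamperDetected  bool // modified ciphertext is rejected (should be true)
}

// RunScenario builds a constructed sample record and exercises all three cases.
func RunScenario() (BreachScenario, error) {
	var s BreachScenario
	// Constructed sample payment record (assumption for the demo).
	record := []byte("acct=12345678;card=4111********1111;amount=99.00")
	// Link header bound to the ciphertext but transmitted in clear (assumption).
	aad := []byte("link=site-a->site-b")

	// AES-256 key generated for this run only; a real deployment keeps it
	// under the owner's key management, never with the data.
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil {
		return s, err
	}
	blob, err := encryptRecord(key, aad, record)
	if err != nil {
		return s, err
	}

	// 1. Legitimate key holder recovers the record.
	pt, err := decryptRecord(key, aad, blob)
	s.OwnerReads = err == nil && bytes.Equal(pt, record)

	// 2. Stolen copy, no key: a guessed (all-zero) key fails authentication.
	wrongKey := make([]byte, 32)
	_, err = decryptRecord(wrongKey, aad, blob)
	s.StolenCopyReads = err == nil

	// 3. One bit flipped in transit: the GCM tag no longer verifies.
	tampered := append([]byte(nil), blob...)
	tampered[len(tampered)/2] ^= 0x01
	_, err = decryptRecord(key, aad, tampered)
	s.TamperDetected = err != nil

	return s, nil
}

func main() {
	s, err := RunScenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", s)
}
```

The point of case 3 is the "authenticated" in authenticated encryption: an unauthenticated mode would hand the tampered bytes back as if they were valid data, so integrity failures in a breached or intercepted link would go unnoticed. The fourth criterion, exclusive key control, is what keeps case 2 true in practice; the demo only shows that the ciphertext alone is useless without that key.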
To find out more about high-speed network data encryption, visit the quantum safe cryptography section of our website.
You can download a copy of the 2017 Gemalto Breach Level Index Report here